Mobile phones and other portable communication devices are increasingly being utilized as network-connected, general purpose computing devices. In addition to traditional features such as voice services and messaging services (e.g., SMS and MMS), new mobile phone features include value added data plans that range from general Internet connectivity for Web browsing and email to multi-media on-demand content delivery, as well as local application data sync to network-based services. While voice and messaging services still form the core business for mobile operators, premium data plans based on partnerships between mobile operators and service providers are emerging as a new, viable business model.
An underlying over-the-air (OTA) network can support authentication, confidentiality, and integrity of a communication channel between a mobile phone and the network of a mobile operator. However, relying exclusively on the security properties of the underlying network can expose vulnerabilities and/or compromise secure data transfers. For wireless mobile roaming, a communication path can include any number of networks based on various roaming agreements, and a communication bridge between a mobile phone and a home network may include or go through any visited or utilized network that the home mobile operator has a roaming coverage agreement. From a security standpoint, any cryptographic protection is terminated at each hop in the communication path. Even in a non-roaming scenario, a mobile operator may include autonomously administered operating companies with a non-uniform set of security practices and procedures, thus being more exposed to data compromise.
Implementing an encrypted end-to-end data channel from a mobile phone to a service provider, in addition to the node-by-node encryption performed by the underlying network can be problematic. In a roaming scenario, and due to encryption regulations in some countries, the data channel between a SIM of a mobile phone and a visited or utilized network is integrity protected only, while the data itself is not encrypted. Thus, end-to-end encryption at a higher or different layer has the potential to leave the mobile operator out of compliance with local encryption laws.